US9374365B2ActiveUtilityA1

Pushing a virtual desktop session from an authenticated device using image scanning

71
Assignee: VMWARE INCPriority: Aug 20, 2014Filed: Aug 20, 2014Granted: Jun 21, 2016
Est. expiryAug 20, 2034(~8.1 yrs left)· nominal 20-yr term from priority
H04L 65/1076H04L 67/14H04L 63/083H04L 63/101H04W 12/04H04W 12/06H04W 12/77H04L 67/08
71
PatentIndex Score
3
Cited by
7
References
20
Claims

Abstract

Image scanning and encoding technologies can be utilized to authenticate devices to virtual desktops and to transfer virtual desktop sessions between devices. One device (e.g., PC or laptop) may encode certain information into an image that is displayed on a display screen, while another mobile device equipped with a digital camera (e.g., mobile phone or tablet) can be used to scan the image on the display screen. Once the image is scanned, it can be decoded by the mobile device to get the information encoded in the image (e.g., device ID, session ID, etc.). The information obtained from the image can be used to authenticate a device or to transfer a virtual desktop session between the devices.

Claims

exact text as granted — not AI-modified
What is claimed is: 
     
       1. A system for accessing a virtual desktop using image scanning, the system comprising:
 an unauthenticated computing device configured to display an image on a display screen, the image encoded with information identifying the unauthenticated computing device and information identifying a connection broker; and 
 an authenticated mobile device having a virtual desktop session established thereon for accessing a virtual desktop, the authenticated mobile device including a camera used to capture the image, the authenticated mobile device configured to:
 scan the image; 
 decode the information identifying the unauthenticated computing device and the information identifying the connection broker from the image; and 
 verify that the connection broker identified by the information encoded in the image corresponds to the same connection broker that was used to establish the virtual desktop session on the authenticated mobile device; 
 transmit the information identifying the unauthenticated computing device and a session identifier of the virtual desktop session to the connection broker; and 
 
 the connection broker configured to:
 receive the information identifying the unauthenticated computing device from the authenticated mobile device; 
 authenticate the unauthenticated computing device based on the information identifying the unauthenticated computing device; and 
 migrate the virtual desktop session from the authenticated mobile device to the authenticated computing device by using the session identifier. 
 
 
     
     
       2. The system of  claim 1 , wherein the image is a Quick Response (QR) code displayed on a login page of a virtual desktop client application executing on the unauthenticated computing device. 
     
     
       3. The system of  claim 1 , wherein the connection broker is further configured to store a white list containing information identifying each device that is permitted to access the virtual desktop. 
     
     
       4. The system of  claim 1 , wherein the connection broker is further configured to terminate the virtual desktop session on the authenticated mobile device upon establishing the virtual desktop session on the authenticated computing device. 
     
     
       5. The system of  claim 1 , wherein the information encoded in the image further comprises:
 an internet protocol (IP) address of the connection broker configured to establish a connection to the virtual desktop and a client identifier identifying a client application associated with the virtual desktop. 
 
     
     
       6. The system of  claim 5 , wherein the authenticated mobile device is configured to read the IP address of the connection broker from the information encoded in the image and verify that the connection broker identified by the IP address corresponds to the same connection broker that was used to establish the virtual desktop session on the authenticated mobile device. 
     
     
       7. A method for accessing a virtual desktop using image scanning, the method comprising:
 receiving, from a mobile device, information decoded by the mobile device from an image displayed on a display screen of a computing device and captured by a camera of the mobile device, the information identifying the computing device and identifying a connection broker, wherein the mobile device has a virtual desktop session established to access a virtual desktop, and wherein the mobile device is configured to verify that the connection broker identified by the information decoded from the image corresponds to the same connection broker that was used to establish the virtual desktop session for the mobile device; 
 authenticating the computing device using the information decoded from the image by the mobile device; and 
 causing the virtual desktop session to be migrated from the mobile device to the computing device based on the information decoded from the image by the mobile device. 
 
     
     
       8. The method of  claim 7 , wherein the information encoded in the image further comprises:
 an internet protocol (IP) address of the connection broker configured to establish a connection to the virtual desktop and a client identifier identifying a client application associated with the virtual desktop. 
 
     
     
       9. The method of  claim 8 , wherein the mobile device is configured to read the IP address of the connection broker from the information encoded in the image and verify that the connection broker identified by the IP address corresponds to the same connection broker that was used to establish the virtual desktop session on the mobile device. 
     
     
       10. The method of  claim 7 , wherein authenticating the computing device further comprises:
 determining whether the computing device is listed in a white list that identifies all devices permitted to access the virtual desktop. 
 
     
     
       11. The method of  claim 7 , wherein the image is a Quick Response (QR) code displayed on a login page of a virtual desktop client application executing on the computing device. 
     
     
       12. The method of  claim 7 , wherein the virtual desktop is provided on a virtual machine executing on a host server in a data center remotely located with respect to the mobile device and the computing device. 
     
     
       13. The method of  claim 7 , further comprising:
 terminating the virtual desktop session on the mobile device upon establishing the virtual desktop session on the computing device. 
 
     
     
       14. A non-transitory computer readable storage medium comprising one or more sequences of instructions, the instructions when executed by one or more processors causing the one or more processors to execute the operations of:
 receiving, from a mobile device, information decoded by the mobile device from an image displayed on a display screen of a computing device and captured by a camera of the mobile device, the information identifying the computing device and identifying a connection broker, wherein the mobile device has a virtual desktop session established to access a virtual desktop, and wherein the mobile device is configured to verify that the connection broker identified by the information decoded from the image corresponds to the same connection broker that was used to establish the virtual desktop session for the mobile device; 
 authenticating the computing device using the information decoded from the image by the mobile device; and 
 causing the virtual desktop session to be migrated from the mobile device to the computing device based on the information decoded from the image by the mobile device. 
 
     
     
       15. The non-transitory computer readable storage medium of  claim 14 , wherein the information encoded in the image further comprises:
 an internet protocol (IP) address of the connection broker configured to establish a connection to the virtual desktop and a client identifier identifying a client application associated with the virtual desktop. 
 
     
     
       16. The non-transitory computer readable storage medium of  claim 15 , wherein the mobile device is configured to read the IP address of the connection broker from the information encoded in the image and verify that the connection broker identified by the IP address corresponds to the same connection broker that was used to establish the virtual desktop session on the mobile device. 
     
     
       17. The non-transitory computer readable storage medium of  claim 14 , wherein authenticating the computing device further comprises:
 determining whether the computing device is listed in a white list that identifies all devices permitted to access the virtual desktop. 
 
     
     
       18. The non-transitory computer readable storage medium of  claim 14 , wherein the image is a Quick Response (QR) code displayed on a login page of a virtual desktop client application executing on the computing device. 
     
     
       19. The non-transitory computer readable storage medium of  claim 14 , wherein the virtual desktop is provided on a virtual machine executing on a host server in a data center remotely located with respect to the mobile device and the computing device. 
     
     
       20. The non-transitory computer readable storage medium of  claim 14 , further comprising instructions that, when executed by one or more processors, cause the one or more processors to execute the operation of:
 terminating the virtual desktop session on the mobile device upon establishing the virtual desktop session on the computing device.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.